Originally Posted by gatito
... We are very careful with our usage so as to keep this system up and running for emergencies.
All the more reason to have had your network adequately protected since installation
rather than just since you noticed unauthorized access. In my opinion, your organization shoulders at least some of the blame here because you did not protect yourself. If you own a bank, you don't lock the front door with a pad lock and go home at night thinking you're secure. If you do, you shouldn't cry because you were burglarized.
There are just as many teenagers who know how to secure a network as there are who know how to hack a network. (They are the same teenagers.) If you don't know how to do it yourself, hire one for $20 and they'll hook you up.
Also, there's no telling how many crews of varying nationalities have used your Internet
access. Was it really necessary to add "by Americans"?